This is interesting as I don't see the cloud being hosted anywhere in particular... I'm guessing this is probably naive but it's a nice vision I have of things just working.

I don't zoom into the nitty gritty of some data center somewhere in a back-lot in the good old US of A - one of those nice zoom-ins where your field of view starts in space, next to a satellite perhaps, and gradually falls closer and closer to California somewhere, perhaps panning past an air-liner on the way down and startling some birds. When we touch down we see some huge warehouse surrounded by razor-wire fences and rabid attack dogs. We get to a steel-plate door and see a harried tech guy with a pocket protector and spectacles (which he has to push up after) getting lazer eye scanned in order to get in. We follow him through the door and, while he moves off to the left, we pan right and raise to see rows upon rows of servers stacks... perhaps with some other industrious techy (different ethnicity but still a guy) swapping out a damaged, perhaps gently smoking, hard drive and replacing it with a fresh one.

Nope. I see some nebulous cloud where everything is taken care of for me, I don't need to worry about crashed hard-drives, rabid dogs or startling a seagull!

And this is the way I hope everyone sees it but I guess the worry is the recent censorious nature of legislation in the States. No one can fail to have seen links to various campaigns associated with protecting IP lately (though my browsing habits are a little geeky so perhaps I'm wrong). It might be argued that it's only a matter of time before the legislature in the USA decides that if data is hosted in their country then they should have control over it... in the case of BAe I can understand the concern: You really don't want the monstrous military-industrial complex sneaking peaks at your latest design for a weapon of mass distraction now do you?

But on the other hand I'm not too sure that that is even possible. The sheer amounts of data and the mechanisms employed by Cloud providers means that the location of any particular bit of data is really quite hard to determine. While security through obscurity isn't a brilliant policy it does mean that that data will be extremely expensive to find for anyone except you.

I'm not sure how expensive it is to task a Navy Seal team to break into your offices in order to access the data you're wanting to protect but I'm guessing that it'll not be cheap. I'm not sure how much it'd be to bribe the lowest paid member of staff who has access to all of your sensitive data but I'm guessing it'll be a whole lot cheaper than either sending in the Seals or trying to wrangle the exact location of your stuff in the cloud.

Heck, once you start thinking seriously about the risks associated with holding any type of sensitive data then it's easy to go ever so slightly paranoid! We don't even need to bring into question the trustfulness of your staff. How much would a local lag charge to break into your premises and nick a particular piece of kit?